topic Re: root password issue in Operating System - HP-UX

root password issue

Charles McCary — Mon, 22 Jun 2009 15:37:28 GMT

Group,

here's the scenario:

1) We are able to remsh to the system, so we can get to a root prompt.

2) We want to change the root password, but we don't know the OLD password.

3) HPUX 11.11 trusted system.

Thoughts:

Can we simply?
erase the u_pwd field in /tcb/files/auth/r/root

Re: root password issue

Patrick Wallek — Mon, 22 Jun 2009 15:40:54 GMT

Yes.

To have a null password the line needs to look like:

:u_pwd=:\

Re: root password issue

Charles McCary — Mon, 22 Jun 2009 15:42:27 GMT

Patrick,

thanks...no need to go to single user mode right?

Re: root password issue

Vivek Bhatia — Mon, 22 Jun 2009 15:44:29 GMT

Hi Charles,

Yes you can do that by editing the file.

/tcb/files/auth/r/root

Remove the encrypted content from mentioned between.

:u_pwd=:\

And no need to go to single user mode.

Regards
Vivek

Re: root password issue

Vivek Bhatia — Mon, 22 Jun 2009 15:46:29 GMT

For Example , if you have a entry like this.

:u_pwd=XXXXX:\

Then Remove XXXXX (encrypted content from the file) and that will allow you to login with empty password.

Vivek

Re: root password issue

OldSchool — Mon, 22 Jun 2009 16:10:38 GMT

"Patrick,

thanks...no need to go to single user mode right?"

how do you propose to login as root to make the change then?

Re: root password issue

Charles McCary — Mon, 22 Jun 2009 16:11:57 GMT

See #1 in original question...we have root access, just not the old password. thanks.

Re: root password issue

Charles McCary — Mon, 22 Jun 2009 16:16:08 GMT

I guess my main concern is doing this "on the fly" in mulit-user mode. I don't want something to get corrupted.

Re: root password issue

OldSchool — Mon, 22 Jun 2009 16:27:29 GMT

ah....missed that bit...yes, you can do it in multiuser. once you "unset" it as described above, simply log in and set it to whatever new value is desired.

Re: root password issue

Robert-Jan Goossens_1 — Mon, 22 Jun 2009 16:28:58 GMT

Hi Charles,

Actually if you have root access (remsh) you can do this on the fly.

# vi /tcb/files/auth/r/root

Remove the password hashed field and save.

# passwd root

Regards,
Robert-Jan

Re: root password issue

doug hosking — Tue, 23 Jun 2009 04:06:47 GMT

Rather than bypassing the protections of normal tools by directly editing the file, I'd be tempted to first try resetting the password with /sbin/passwd (not /usr/bin/passwd) after doing the remsh (or from a single user mode shell, if necessary). If I remember right (don't have access to a system right now to check), this will not ask for the old password.

Permissions on this executable on currently supported HP-UX versions are set to not allow non-root users to run it. Since root COULD directly edit the file and achieve the same result without knowing the password, there is no reason for /sbin/passwd to ask for it. This is likely a much cleaner way of dealing with the issue you face.

Re: root password issue

Charles McCary — Tue, 23 Jun 2009 11:45:07 GMT

Group, the solution of editing the root file under the tcb tree worked fine for us.

I did try the /sbin/passwd in one of our test environments and it did prompt for the old password.

Thanks everyone